<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: uc.php 30176 2012-05-15 08:25:28Z zhangguosheng $
 */
error_reporting(0);

session_start();

define('UC_CLIENT_VERSION', '1.6.0');
define('UC_CLIENT_RELEASE', '20110501');

define('API_DELETEUSER', 1);
define('API_RENAMEUSER', 1);
define('API_GETTAG', 1);
define('API_SYNLOGIN', 1);
define('API_SYNLOGOUT', 1);
define('API_UPDATEPW', 1);
define('API_UPDATEBADWORDS', 1);
define('API_UPDATEHOSTS', 1);
define('API_UPDATEAPPS', 1);
define('API_UPDATECLIENT', 1);
define('API_UPDATECREDIT', 1);
define('API_GETCREDIT', 1);
define('API_GETCREDITSETTINGS', 1);
define('API_UPDATECREDITSETTINGS', 1);
define('API_ADDFEED', 1);
define('API_RETURN_SUCCEED', '1');
define('API_RETURN_FAILED', '-1');
define('API_RETURN_FORBIDDEN', '1');

define('IN_API', true);
define('CURSCRIPT', 'api');

if (!defined('IN_UC')) {
	require '../uc_client/config.inc.php';

	$get = $post = array();

	$code = @$_GET['code'];

	parse_str(authcode($code, 'DECODE', UC_KEY), $get);

	if (time() - $get['time'] > 3600) {
		exit('Authracation has expiried');
	}
	if (empty($get)) {
		exit('Invalid Request');
	}
	include_once '../uc_client/lib/xml.class.php';
	$post = xml_unserialize(file_get_contents('php://input'));

	if (in_array($get['action'], array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcredit', 'getcreditsettings', 'updatecreditsettings', 'addfeed'))) {
		//加载Yii应用主体，就能使用Yii主类
		require(dirname(dirname($_SERVER['DOCUMENT_ROOT'])) . '/vendor/autoload.php');
		require(dirname(dirname($_SERVER['DOCUMENT_ROOT'])) . '/vendor/yiisoft/yii2/Yii.php');
		require(dirname(dirname($_SERVER['DOCUMENT_ROOT'])) . '/common/config/bootstrap.php');
		require(dirname($_SERVER['DOCUMENT_ROOT']) . '/config/bootstrap.php');

		$config = yii\helpers\ArrayHelper::merge(
			require(dirname(dirname($_SERVER['DOCUMENT_ROOT'])) . '/common/config/main.php'),
			require(dirname(dirname($_SERVER['DOCUMENT_ROOT'])) . '/common/config/main-local.php'),
			require(dirname($_SERVER['DOCUMENT_ROOT']) . '/config/main.php'),
			require(dirname($_SERVER['DOCUMENT_ROOT']) . '/config/main-local.php')
		);
		new yii\web\Application($config);

		$uc_note = new uc_note();
		echo $uc_note -> $get['action']($get, $post);
		exit();
	} else {
		exit(API_RETURN_FAILED);
	}
} else {
	exit ;
}

class uc_note {

	var $dbconfig = '';
	var $db = '';
	var $tablepre = '';
	var $appdir = '';

	function _serialize($arr, $htmlon = 0) {
		if (!function_exists('xml_serialize')) {
			include_once'../uc_client/lib/xml.class.php';
		}
		return xml_serialize($arr, $htmlon);
	}

	function uc_note() {

	}

	function test($get, $post) {
		return API_RETURN_SUCCEED;
	}

	function deleteuser($get, $post) {
		global $_G;
		if (!API_DELETEUSER) {
			return API_RETURN_FORBIDDEN;
		}
		$uids = str_replace("'", '', stripslashes($get['ids']));
		$ids = array();
		$ids = array_keys(C::t('common_member') -> fetch_all($uids));
		require_once DISCUZ_ROOT . './source/function/function_delete.php';
		$ids && deletemember($ids);

		return API_RETURN_SUCCEED;
	}

	function renameuser($get, $post) {
		global $_G;

		if (!API_RENAMEUSER) {
			return API_RETURN_FORBIDDEN;
		}

		$tables = array('common_block' => array('id' => 'uid', 'name' => 'username'), 'common_invite' => array('id' => 'fuid', 'name' => 'fusername'), 'common_member_verify_info' => array('id' => 'uid', 'name' => 'username'), 'common_mytask' => array('id' => 'uid', 'name' => 'username'), 'common_report' => array('id' => 'uid', 'name' => 'username'), 'forum_thread' => array('id' => 'authorid', 'name' => 'author'), 'forum_activityapply' => array('id' => 'uid', 'name' => 'username'), 'forum_groupuser' => array('id' => 'uid', 'name' => 'username'), 'forum_pollvoter' => array('id' => 'uid', 'name' => 'username'), 'forum_post' => array('id' => 'authorid', 'name' => 'author'), 'forum_postcomment' => array('id' => 'authorid', 'name' => 'author'), 'forum_ratelog' => array('id' => 'uid', 'name' => 'username'), 'home_album' => array('id' => 'uid', 'name' => 'username'), 'home_blog' => array('id' => 'uid', 'name' => 'username'), 'home_clickuser' => array('id' => 'uid', 'name' => 'username'), 'home_docomment' => array('id' => 'uid', 'name' => 'username'), 'home_doing' => array('id' => 'uid', 'name' => 'username'), 'home_feed' => array('id' => 'uid', 'name' => 'username'), 'home_feed_app' => array('id' => 'uid', 'name' => 'username'), 'home_friend' => array('id' => 'fuid', 'name' => 'fusername'), 'home_friend_request' => array('id' => 'fuid', 'name' => 'fusername'), 'home_notification' => array('id' => 'authorid', 'name' => 'author'), 'home_pic' => array('id' => 'uid', 'name' => 'username'), 'home_poke' => array('id' => 'fromuid', 'name' => 'fromusername'), 'home_share' => array('id' => 'uid', 'name' => 'username'), 'home_show' => array('id' => 'uid', 'name' => 'username'), 'home_specialuser' => array('id' => 'uid', 'name' => 'username'), 'home_visitor' => array('id' => 'vuid', 'name' => 'vusername'), 'portal_article_title' => array('id' => 'uid', 'name' => 'username'), 'portal_comment' => array('id' => 'uid', 'name' => 'username'), 'portal_topic' => array('id' => 'uid', 'name' => 'username'), 'portal_topic_pic' => array('id' => 'uid', 'name' => 'username'), );

		if (!C::t('common_member') -> update($get['uid'], array('username' => $get[newusername])) && isset($_G['setting']['membersplit'])) {
			C::t('common_member_archive') -> update($get['uid'], array('username' => $get[newusername]));
		}

		loadcache("posttableids");
		if ($_G['cache']['posttableids']) {
			foreach ($_G['cache']['posttableids'] AS $tableid) {
				$tables[getposttable($tableid)] = array('id' => 'authorid', 'name' => 'author');
			}
		}

		foreach ($tables as $table => $conf) {
			DB::query("UPDATE " . DB::table($table) . " SET `$conf[name]`='$get[newusername]' WHERE `$conf[id]`='$get[uid]'");
		}
		return API_RETURN_SUCCEED;
	}

	function gettag($get, $post) {
		global $_G;
		if (!API_GETTAG) {
			return API_RETURN_FORBIDDEN;
		}
		return $this -> _serialize(array($get['id'], array()), 1);
	}

	//当其他应用登录的时候，调用uc.php入口（其他应用本身不会产生此get请求），进行异步同时登录
	function synlogin($get, $post) {
		if (!API_SYNLOGIN) {
			return API_RETURN_FORBIDDEN;
		}
		//此uid是ucenter的uid
	}

	//当其他应用退出的时候，调用uc.php入口（其他应用本身不会产生此get请求），进行异步同时退出
	function synlogout($get, $post) {
		if (!API_SYNLOGOUT) {
			return API_RETURN_FORBIDDEN;
		}
	}

	function updatepw($get, $post) {
		global $_G;

		if (!API_UPDATEPW) {
			return API_RETURN_FORBIDDEN;
		}

		$username = $get['username'];
		$newpw = md5(time() . rand(100000, 999999));
		$uid = 0;
		if (($uid = C::t('common_member') -> fetch_uid_by_username($username))) {
			$ext = '';
		} elseif (($uid = C::t('common_member_archive') -> fetch_uid_by_username($username))) {
			$ext = '_archive';
		}
		if ($uid) {
			C::t('common_member' . $ext) -> update($uid, array('password' => $newpw));
		}

		return API_RETURN_SUCCEED;
	}

	function updatebadwords($get, $post) {
		global $_G;

		if (!API_UPDATEBADWORDS) {
			return API_RETURN_FORBIDDEN;
		}

		$data = array();
		if (is_array($post)) {
			foreach ($post as $k => $v) {
				$data['findpattern'][$k] = $v['findpattern'];
				$data['replace'][$k] = $v['replacement'];
			}
		}
		$cachefile = DISCUZ_ROOT . './uc_client/data/cache/badwords.php';
		$fp = fopen($cachefile, 'w');
		$s = "<?php\r\n";
		$s .= '$_CACHE[\'badwords\'] = ' . var_export($data, TRUE) . ";\r\n";
		fwrite($fp, $s);
		fclose($fp);

		return API_RETURN_SUCCEED;
	}

	function updatehosts($get, $post) {
		global $_G;

		if (!API_UPDATEHOSTS) {
			return API_RETURN_FORBIDDEN;
		}

		$cachefile = DISCUZ_ROOT . './uc_client/data/cache/hosts.php';
		$fp = fopen($cachefile, 'w');
		$s = "<?php\r\n";
		$s .= '$_CACHE[\'hosts\'] = ' . var_export($post, TRUE) . ";\r\n";
		fwrite($fp, $s);
		fclose($fp);

		return API_RETURN_SUCCEED;
	}

	function updateapps($get, $post) {
		global $_G;

		if (!API_UPDATEAPPS) {
			return API_RETURN_FORBIDDEN;
		}

		$UC_API = '';
		if ($post['UC_API']) {
			$UC_API = $post['UC_API'];
			unset($post['UC_API']);
		}

		$cachefile = DISCUZ_ROOT . './uc_client/data/cache/apps.php';
		$fp = fopen($cachefile, 'w');
		$s = "<?php\r\n";
		$s .= '$_CACHE[\'apps\'] = ' . var_export($post, TRUE) . ";\r\n";
		fwrite($fp, $s);
		fclose($fp);

		if ($UC_API && is_writeable(DISCUZ_ROOT . './config/config_ucenter.php')) {
			if (preg_match('/^https?:\/\//is', $UC_API)) {
				$configfile = trim(file_get_contents(DISCUZ_ROOT . './config/config_ucenter.php'));
				$configfile = substr($configfile, -2) == '?>' ? substr($configfile, 0, -2) : $configfile;
				$configfile = preg_replace("/define\('UC_API',\s*'.*?'\);/i", "define('UC_API', '" . addslashes($UC_API) . "');", $configfile);
				if ($fp = @fopen(DISCUZ_ROOT . './config/config_ucenter.php', 'w')) {
					@fwrite($fp, trim($configfile));
					@fclose($fp);
				}
			}
		}
		return API_RETURN_SUCCEED;
	}

	function updateclient($get, $post) {
		global $_G;

		if (!API_UPDATECLIENT) {
			return API_RETURN_FORBIDDEN;
		}

		$cachefile = DISCUZ_ROOT . './uc_client/data/cache/settings.php';
		$fp = fopen($cachefile, 'w');
		$s = "<?php\r\n";
		$s .= '$_CACHE[\'settings\'] = ' . var_export($post, TRUE) . ";\r\n";
		fwrite($fp, $s);
		fclose($fp);

		return API_RETURN_SUCCEED;
	}

	function updatecredit($get, $post) {
		global $_G;

		if (!API_UPDATECREDIT) {
			return API_RETURN_FORBIDDEN;
		}

		$credit = $get['credit'];
		$amount = $get['amount'];
		$uid = $get['uid'];
		if (!getuserbyuid($uid)) {
			return API_RETURN_SUCCEED;
		}

		updatemembercount($uid, array($credit => $amount));
		C::t('common_credit_log') -> insert(array('uid' => $uid, 'operation' => 'ECU', 'relatedid' => $uid, 'dateline' => time(), 'extcredits' . $credit => $amount));

		return API_RETURN_SUCCEED;
	}

	function getcredit($get, $post) {
		global $_G;

		if (!API_GETCREDIT) {
			return API_RETURN_FORBIDDEN;
		}
		$uid = intval($get['uid']);
		$credit = intval($get['credit']);
		$_G['uid'] = $_G['member']['uid'] = $uid;
		return getuserprofile('extcredits' . $credit);
	}

	function getcreditsettings($get, $post) {
		global $_G;

		if (!API_GETCREDITSETTINGS) {
			return API_RETURN_FORBIDDEN;
		}

		$credits = array();
		foreach ($_G['setting']['extcredits'] as $id => $extcredits) {
			$credits[$id] = array(strip_tags($extcredits['title']), $extcredits['unit']);
		}

		return $this -> _serialize($credits);
	}

	function updatecreditsettings($get, $post) {
		global $_G;

		if (!API_UPDATECREDITSETTINGS) {
			return API_RETURN_FORBIDDEN;
		}

		$outextcredits = array();
		foreach ($get['credit'] as $appid => $credititems) {
			if ($appid == UC_APPID) {
				foreach ($credititems as $value) {
					$outextcredits[$value['appiddesc'] . '|' . $value['creditdesc']] = array('appiddesc' => $value['appiddesc'], 'creditdesc' => $value['creditdesc'], 'creditsrc' => $value['creditsrc'], 'title' => $value['title'], 'unit' => $value['unit'], 'ratiosrc' => $value['ratiosrc'], 'ratiodesc' => $value['ratiodesc'], 'ratio' => $value['ratio']);
				}
			}
		}
		$tmp = array();
		foreach ($outextcredits as $value) {
			$key = $value['appiddesc'] . '|' . $value['creditdesc'];
			if (!isset($tmp[$key])) {
				$tmp[$key] = array('title' => $value['title'], 'unit' => $value['unit']);
			}
			$tmp[$key]['ratiosrc'][$value['creditsrc']] = $value['ratiosrc'];
			$tmp[$key]['ratiodesc'][$value['creditsrc']] = $value['ratiodesc'];
			$tmp[$key]['creditsrc'][$value['creditsrc']] = $value['ratio'];
		}
		$outextcredits = $tmp;

		$cachefile = DISCUZ_ROOT . './uc_client/data/cache/creditsettings.php';
		$fp = fopen($cachefile, 'w');
		$s = "<?php\r\n";
		$s .= '$_CACHE[\'creditsettings\'] = ' . var_export($outextcredits, TRUE) . ";\r\n";
		fwrite($fp, $s);
		fclose($fp);

		return API_RETURN_SUCCEED;
	}

	function addfeed($get, $post) {
		global $_G;

		if (!API_ADDFEED) {
			return API_RETURN_FORBIDDEN;
		}
		return API_RETURN_SUCCEED;
	}

}

function ip() {
	if (getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
		$ip = getenv('HTTP_CLIENT_IP');
	} elseif (getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
		$ip = getenv('HTTP_X_FORWARDED_FOR');
	} elseif (getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
		$ip = getenv('REMOTE_ADDR');
	} elseif (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
		$ip = $_SERVER['REMOTE_ADDR'];
	}
	return preg_match('/[\d\.]{7,15}/', $ip, $matches) ? $matches[0] : '';
}

function authcode($string, $operation = 'DECODE', $key = '', $expiry = 0) {

	$ckey_length = 4;
	// 随机密钥长度 取值 0-32;
	// 加入随机密钥，可以令密文无任何规律，即便是原文和密钥完全相同，加密结果也会每次不同，增大破解难度。
	// 取值越大，密文变动规律越大，密文变化 = 16 的 $ckey_length 次方
	// 当此值为 0 时，则不产生随机密钥

	$key = md5($key ? $key : UC_KEY);
	$keya = md5(substr($key, 0, 16));
	$keyb = md5(substr($key, 16, 16));
	$keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length) : substr(md5(microtime()), -$ckey_length)) : '';

	$cryptkey = $keya . md5($keya . $keyc);
	$key_length = strlen($cryptkey);

	$string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry + time() : 0) . substr(md5($string . $keyb), 0, 16) . $string;
	$string_length = strlen($string);

	$result = '';
	$box = range(0, 255);

	$rndkey = array();
	for ($i = 0; $i <= 255; $i++) {
		$rndkey[$i] = ord($cryptkey[$i % $key_length]);
	}

	for ($j = $i = 0; $i < 256; $i++) {
		$j = ($j + $box[$i] + $rndkey[$i]) % 256;
		$tmp = $box[$i];
		$box[$i] = $box[$j];
		$box[$j] = $tmp;
	}

	for ($a = $j = $i = 0; $i < $string_length; $i++) {
		$a = ($a + 1) % 256;
		$j = ($j + $box[$a]) % 256;
		$tmp = $box[$a];
		$box[$a] = $box[$j];
		$box[$j] = $tmp;
		$result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
	}

	if ($operation == 'DECODE') {
		if ((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26) . $keyb), 0, 16)) {
			return substr($result, 26);
		} else {
			return '';
		}
	} else {
		return $keyc . str_replace('=', '', base64_encode($result));
	}
}
